Cryptography Reference
In-Depth Information
Size of key:
Symmetric encryption systems employ secret keys that must be se-
curely generated, distributed, managed, and memorized. It is therefore desir-
able (from an implementation and performance viewpoint) to have keys that
are as small as possible.
Complexity of enciphering and deciphering operations:
To allow an efficient
implementation, the enciphering and deciphering operations should not be too
complex (again, they should be as simple as possible).
Propagation of errors:
Different symmetric encryption systems and different modes
of operation have different characteristics with regard to the propagation of
errors. Sometimes propagation of errors is desirable, and sometimes it is not.
Consequently, the nature and the characteristics of the application determines
the requirements with regard to error propagation. In many situations, it is
desirable to have small error propagation.
Expansion of messages:
In some symmetric encryption systems, the size of a
message is increased by the encryption, meaning that the ciphertext is larger
than the corresponding plaintext message. This is not always desirable, and
sometimes symmetric encryption systems are designed to minimize message
expansion. If, for example, encrypted data must be fed into a fixed-length field
of a communication protocol, then the symmetric encryption system must not
expand the plaintext message.
This list is not comprehensive, and many other and complementary evaluation
criteria may be important in a specific environment or application setting. Further-
more, not all criteria introduced by Shannon are still equally important today. For
example, the “size of key” and the “complexity of enciphering and deciphering op-
erations” criteria are not so important anymore (because there are computer systems
that manage keys and run the enciphering and deciphering operations).
10.2
BLOCK CIPHERS
As mentioned before, every practical symmetric encryption system processes plain-
text messages unit by unit, and in the case of a block cipher a unit is called a block.
Consequently, a block cipher maps plaintext message blocks of a specific length
into ciphertext blocks of the same length, and hence
=Σ
n
(for a specific
alphabet Σ and a specific block length
n
). For example, the additive, multiplicative,
and affine ciphers mentioned earlier are block ciphers with alphabet Σ=
M
=
C
Z
26
and
block length 1.
